Offers “Axa”

Expires soon Axa

Information Security Officer

  • Paris 1er Arrondissement (Paris)
  • Marketing

Job description



To support our business strategy and digital transformation, AXA is building a new Group Information Security Practice to ensure a coordinated response to the increasing cyber security threat, enable risk decisions to be made consistently across the organization and establish sustainable security capabilities that are integrated with the business. Our vision for Information Security is to ‘protect our stakeholders by securing our information assets, managing our cyber risk and enabling business strategies in an efficient and effective way, fully supported by executive leadership and underpinned by all AXA employees'.

Job purpose

·
Lead the local implementation of the Target Operating Model, agreed between Group CSO and Local CIO, in line with the Corporate CSO

·
Act as a key advisor to local entity senior management (CEO, CIO, CRO, Corporate CSO) on information security matters (e.g. information risk management, cybersecurity, information security control, monitoring, information privacy, operations, identity access management, security architecture, forensics)

·
Act as a leader at the local entity to drive security in terms of assessment, risk appetite, report and promotion in an entity to advise and challenge businesses

·
Drive cultural and organizational change throughout the local entity and implement a sustainable information security practice

·
Lead, develop and deploy a portfolio of security services for the local entity

·
Contribute to the development of the security shared services and ensure implementation of the shared services within the local entity

More specifically, the Security Officer AXA IT will:

·
Coordinate and ensure the full coverage of AXA IT with 2 Security Officers

·
Secure and coordinate yearly security targets defined for the entity / department

·
Ensure IT strategy is aligned with the security standards of Group security, cyber security team, SOC, and entity security

·
Ensure policies and mechanisms are in place to meet compliance requirements across the products. If not, define the relevant security policy, collaborating with IT Architecture and IT Operations and enforce it

·
Identify risks where security requirements cannot be fully addressed in the timeframe of a project

·
Address security questions and concerns from any part of AXA entities related to shared security platforms

·
Detect and react to security related incidents and audit points across shared platforms

·
Ensure new products and features are securely built

·
Ensure product adoption are aligned with the IAM processes

·
Manage and minimize non-compliant AXA assets with support of operational teams

·
Look for opportunities where security can be optimized and enhanced

Desired profile



Qualifications :

Education & certification

· 
A degree in information security, computer science, information management systems, Business, Accounting or related field

· 
A post-graduate degree in security or general management (such as an MBA) is an advantage but not essential

Certification

· 
Information Security and /or Information Technology industry certification (CISSP-ISSAP, CISM, ISO 27001 Lead Auditor, GIAC or equivalent) strongly preferred

· 
Business Continuity Industry certification (MBCI, DRII…) ) is an advantage but not essential

· 
Physical security certification (CPP, PSP, BTEC…) ) is an advantage but not essential

· 


Overall work experience in the field

· 
Experience in security, IT audit or related area > 10 years

· 
Leadership/ management experience > 7 years

· 
Previous experience managing a remote/international team preferred

· 
Previous experience as interim or acting Chief Information Security Officer, Physical Security Officer, Operational Resilience Officer, Business Continuity Officer or extensive experience reporting to a CEO, CIO, Chief Audit Officer, Chief Risk Officer or other senior executive in an international organization.

Skills / abilities

· 
Ability to effectively negotiate a decentralized and political corporate environment

· 
Strong networking skills

· 
Team player

· 
Ability to apply analytical rigour to understand complex business scenarios

· 
Fluent in English

Make every future a success.
  • Job directory
  • Business directory